|
286691
|
- |
|
sap
|
crystal_reports
|
Stack-based buffer overflow in SAP Crystal Reports allows remote attackers to execute arbitrary code via a crafted data source string in an RPT file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-5505
|
2024-11-21 11:12 |
2014-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286692
|
- |
|
solarwinds
|
log_and_event_manager
|
SolarWinds Log and Event Manager before 6.0 uses "static" credentials, which makes it easier for remote attackers to obtain access to the database and execute arbitrary code via unspecified vectors, …
|
CWE-255
Credentials Management
|
CVE-2014-5504
|
2024-11-21 11:12 |
2014-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286693
|
- |
|
opensuse
canonical
debian
lua
mageia
|
opensuse
ubuntu_linux
debian_linux
lua
mageia
|
Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service (crash) via a small number of arguments to a fun…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-5461
|
2024-11-21 11:12 |
2014-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286694
|
- |
|
werdswords
|
download_shortcode
|
Directory traversal vulnerability in force-download.php in the Download Shortcode plugin 0.2.3 and earlier for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the file…
|
CWE-22
Path Traversal
|
CVE-2014-5465
|
2024-11-21 11:12 |
2014-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286695
|
- |
|
xrms_crm_project
|
xrms_crm
|
plugins/useradmin/fingeruser.php in XRMS CRM, possibly 1.99.2, allows remote authenticated users to execute arbitrary code via shell metacharacters in the username parameter.
|
CWE-89
SQL Injection
|
CVE-2014-5521
|
2024-11-21 11:12 |
2014-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286696
|
- |
|
hl7
|
c-cda
|
CDA.xsl in HL7 C-CDA 1.1 and earlier does not anticipate the possibility of invalid C-CDA documents with crafted XML attributes, which allows remote attackers to conduct XSS attacks via a document co…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5452
|
2024-11-21 11:12 |
2014-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286697
|
- |
|
linux
|
linux_kernel
|
The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service (unkillable mount process) via a crafted iso9660 ima…
|
CWE-20
Improper Input Validation
|
CVE-2014-5472
|
2024-11-21 11:12 |
2014-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286698
|
- |
|
linux
|
linux_kernel
|
Stack consumption vulnerability in the parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service (uncontrolled rec…
|
CWE-399
Resource Management Errors
|
CVE-2014-5471
|
2024-11-21 11:12 |
2014-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286699
|
- |
|
php-sqrl_project
|
php-sqrl
|
SQL injection vulnerability in sqrl_verify.php in php-sqrl allows remote attackers to execute arbitrary SQL commands via the message parameter.
|
CWE-89
SQL Injection
|
CVE-2014-5458
|
2024-11-21 11:12 |
2014-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286700
|
- |
|
qnap
|
ts-469u_firmware
ts-469u
ts-ec1679u-rp_firmware
ts-ec1679u-rp
ts-459u_firmware
ts-459u
ss-839_firmware
ss-839
|
QNAP TS-469U with firmware 4.0.7 Build 20140410, TS-459U, TS-EC1679U-RP, and SS-839 use world-readable permissions for /etc/config/shadow, which allows local users to obtain usernames and hashed pass…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-5457
|
2024-11-21 11:12 |
2014-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
